RFID (radio frequency identification) tags provide simple and cost effective means to tag a variety of goods by transmitting a unique serial number or other identifying information to a reader in response to a query from a reader. RFID tags can be read if they are in the range of a reader, typically up to a few meters for appropriate readers, multiple tags can be interrogated by the same reader, and without readers being within line-of-sight to the tag. These properties can ease management of goods all the way from manufacturing to retailing, for example in warehouse logistics, at checkout tills and so on.
However, as RFID tags can be read secretly, i.e. without the person carrying the tag noticing it, privacy issues may arise. In particular, customers may be traced and classified according to their purchased goods even beyond the point of sale.
Various approaches have been suggested to protect the privacy of customers. One solution is to effectively disable the RFID tags once the attached good has left the supply chain, for example at checkout tills. For this purpose, a so called “kill” request can be issued to an RFID tag, as disclosed in an article by K. P. Fishkin, S. Roy and D. Jiang titled “Some methods for privacy in RFID communication”, published in the European Workshop on Security in Ad-Hoc and Sensor Networks (ESAS 2004), LNCS 3313, pages 42 to 53, Springer 2004. However, added hardware has to be included in the RFID tag and is not transparent to customers.
Another approach includes physically removing or disconnecting at least parts of the RFID tag. Such an approach has been suggested by G. Karjoth and P. A. Moskowitz in a paper titled “Disabling RFID Tags with Visible Confirmation: Clipped Tags are Silenced” in the proceedings of the 2005 ACM Workshop on Privacy in the Electronic Society (WPES 05), ACM press. Again, RFID tags need to be modified for this approach.
Finally, a blocker device as disclosed in US patent application US 2004/0223481 A1 can be used to disturb or jam radio frequency communication between RFID tags and readers. A blocker device enables blocking of parts of an address space having a predefined prefix. Thus, it may also block legitimate read requests, for example at a supermarket checkout. Further, smart readers may still identify tags due to the characteristic of the blocked paths.
Consequently, there exists a need for improved methods and devices for protecting privacy in RFID systems.